khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-03 02:09:45 +07:00
Code Issues Packages Projects Releases Wiki Activity

Add X-Frame-Options header to nginx

Browse Source 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
This commit is contained in:
J0WI
2019-07-01 22:17:09 +02:00
parent 01adb70614
commit d7daa197a8
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
admin_manual/installation/nginx.rst
View File

@@ -72,6 +72,7 @@ webroot of your nginx installation. In this example it is
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options "SAMEORIGIN";
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
@@ -169,6 +170,7 @@ webroot of your nginx installation. In this example it is
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options "SAMEORIGIN";
# Optional: Don't log access to assets
access_log off;
@@ -223,6 +225,7 @@ your nginx installation.
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options "SAMEORIGIN";
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
@@ -320,6 +323,7 @@ your nginx installation.
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options "SAMEORIGIN";
# Optional: Don't log access to assets
access_log off;